CVE-2022-3023: Use of Externally-Controlled Format String

November 4, 2022 (updated November 6, 2022)

Use of Externally-Controlled Format String in GitHub repository pingcap/tidb prior to 6.4.0, 6.1.3.

References

github.com/advisories/GHSA-7fxj-fr3v-r9gj
github.com/pingcap/tidb/commit/d0376379d615cc8f263a0b17c031ce403c8dcbfb
huntr.dev/bounties/120f1346-e958-49d0-b66c-0f889a469540
nvd.nist.gov/vuln/detail/CVE-2022-3023

Code Behaviors & Features

Detect and mitigate CVE-2022-3023 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →